JPH1127751A - Personally authenticating system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To facilitate authentication and also to improve accuracy by storing a prescribed part of a movement locus person himself and authenticating that the person is himself by means of reproduction of the locus information. SOLUTION: An owner of a terminal 01 sets a position information detection timing, then moves, and receives a position information output signal from a position information output device 10, and detects position information with a position information detecting part. Locus data is crested by repeating the above processing several times and recording it on a recording part 15, and a seconding part 16 modulates it and outputs it. A center 02 demodulates this signal and registers it together with an inherent ID, etc., on a registering part 21, a terminal 01 or the owner. In the case of the personal authentication, trajectory information is inputted by indicating it on a map in accordance with a request from the center 02. In the center 02, a collating part 22 compares and collates it with the locus data of the part 21, a deciding part 24 makes allowable decision and the result is outputting to an outputting part 26 to be authenticated. Thus, there is no need for carrying the terminal 10 at all times, and convenience is also improved.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a personal identification system.

[0002]

2. Description of the Related Art When it is necessary to confirm an identity such as a commercial transaction using a communication line, an electronic settlement, or a withdrawal of a deposit, the identity authentication is carried out without a direct contact with the identity, by a predetermined password and signature. It is generally performed by collation. Verification of passwords and signatures is extremely easy to possess and there is no particular difficulty in using them, but on the other hand, there is a high risk of password theft and signature forgery. On the other hand, systems have been proposed in which special information is held in a special form, such as a public key method, so that only legitimate communication partners can know the information. It had to be learned, and it was hard to say that anyone could use it easily.

[0003]

SUMMARY OF THE INVENTION In view of the above, the present invention has been achieved by focusing on the fact that the trajectory of a moving object, which is a person, often is unique to the person, and A predetermined part of the movement trajectory is stored, the stored information is reproduced when necessary, and the person is authenticated based on the reproduced information. Also, by detecting the movement trajectory, it is possible to almost accurately recognize that the person was present,
It is possible to prove the wrongdoing of the person such as speeding.

[0004]

DESCRIPTION OF THE PREFERRED EMBODIMENTS The present invention relates to detecting means for detecting position information of a person, recording means for recording the detected position information as trajectory information, and trajectory information read from the recording means when necessary. The person is a person, a vehicle, a ship, an airplane, or another moving body, etc., who carries each of the above-described means in a state of being carried or being dressed. And the like indicate a portable device such as a mobile phone, an IC card, etc.
It shows a state like an accessory such as a wristwatch, a ring, a pendant, a necklace or the like. In addition, in vehicles, etc.,
It may be a stationary type device having a certain size. Position information, the reference radio wave signal, ultrasonic signal, receive the optical signal, based on the signal, mainly using the means to calculate the position information, but the position is indoors, The acquisition mode differs depending on whether it is outdoors and indicates a wide area. In the case of indoors, for example, in the case of a person, the position is obtained by a mode in which the body temperature is acquired by a plurality of infrared sensors, or by a combination of sensors for detecting body weight. It is preferable to use a GPS that receives radio waves from a communication satellite and detects its position in that no equipment is installed. Further, a trajectory based on the movement of a part of the body such as the movement of the arm or the neck may be used. In this case, there is provided a means for analyzing the image by continuous photographing with a CCD camera or the like to obtain a trajectory, and a means for recording trajectory data obtained by the CCD camera in trajectory information recording means owned by the subject and the center, At the time of authentication, means for collating this is additionally adopted. The means for recording the position information as trajectory information after detecting the position information mainly indicates a case where a plurality of absolute and relative position information arranged in time series are recorded, and the recording capacity is reduced. In order to reduce the amount, it is also possible to suitably take a means such as recording only the movement amount including the direction information as the next information with respect to the first position information. The personal authentication based on the recorded trajectory information is, for example, connecting a portable or wearable device in which the trajectory information is recorded to an interface of a device that performs authentication, and after the connection, the trajectory information shifts and is recognized. Then, the authentication device gives a direct or indirect question to the person based on the trajectory information, and the person answers the question, thereby determining whether the trajectory information matches or not, and performing authentication. In this case, it is preferable that the trajectory information is recorded in a state in which the track information is unknown to the user or in a state in which the track record cannot be changed. As other personal authentication, when the person moves and the position information is detected or when the trajectory information is obtained, the information is transmitted to the center that manages the system, and the trajectory information is recorded at the center A method of performing the operation is shown. This is preferable in that the capacity of the recording means possessed by the user can be reduced in some cases.

[0005]

FIG. 1 is a diagram showing a position embodiment of the present invention. Reference numeral (01) denotes a terminal, which is used by a user or a user or the like, and is owned by a user or the like and carried at the time of authentication. (02) is a center, such as a center that manages authentication. Is an institution. Reference numeral (10) denotes a position information output device, such as a device for outputting a signal for GPS, such as a communication satellite, or a device for outputting at least information necessary for detecting position information (road radio station (beacon)). It shows what is configured. In the case of GPS, it is assumed that the terminal is at a position where transmission radio waves from at least three or more communication satellites can be received. However, since the terminal requires track information, accurate terminal information is not necessarily required. Since the received time information, the time information of the terminal, and the communication satellite are specified, one communication satellite may be sufficient. The configuration of each part of the terminal (01) will be described. (11) is an antenna for receiving a radio wave and having a performance for receiving a position information signal output from the position information output device (10). The antenna (11) is not limited to a general rod-shaped antenna, but includes a wristband portion for a wristwatch, a collar portion for a necklace, and an edge or surface portion for an IC card. Etc. are exemplified. (12) is a demodulation unit for removing noise and the like. Furthermore, an IF amplifier and an A / D converter are provided. (13) is a position information detection unit, which amplifies an input radio signal by IF and converts it into a digital signal, and then detects a C / A code, a navigation message, and the like from this digital signal, and detects the current absolute or The relative position data is obtained via an arithmetic unit such as a computer. (14) is a trajectory information creating unit that obtains trajectory information by picking up a plurality of position data to which time information has been added to the obtained position data at a predetermined timing. This is based on data set and recorded in advance with a center in charge of authentication, or based on signals such as time intervals and timing signals transmitted from the center in real time. A recording unit (15) is a unit for temporarily or semi-permanently recording and holding information, and is configured by an IC memory, a magnetic card, a magneto-optical card, or the like.
(16) is a transmission unit for modulating and transmitting the trajectory information obtained by the trajectory information generation unit to the center (02), and the transmission timing is determined by the trajectory information generation unit (14). When creating information, if there is a time delay,
The trajectory information is read from the recording unit (15) and transmitted. (17) is an antenna for transmitting trajectory information by radio waves. Note that the center (0
When 2) and another medium (for example, infrared rays, ultrasonic waves, etc.) are used as the transmission medium, the antenna (17) is replaced with a light emitting diode, a piezoelectric body, or the like. Further, the antenna (11) and the antenna (17) may be integrated into one antenna. Position information detector (1
3) The trajectory information creation unit (14) and, if necessary, the recording unit (15) are formed by a single digital signal processing unit (18) such as a one-chip microcomputer. This is preferable when the storage space is limited, for example, when the storage space is limited.

In the center (02), (19) is a receiving antenna for receiving a radio wave transmitted from the transmitting antenna of the terminal (01). It is appropriately selected and configured. (20)
Is a demodulation unit for demodulating, amplifying, detecting, and the like the modulated radio wave transmitted from the terminal side. (21) is a registration unit which converts the transmitted trajectory information into registrable trajectory data and registers it in a state corresponding to the terminal that transmitted the trajectory data. (22) a collating unit which, in response to the input of the authentication request, compares the trajectory data called from the registration unit (21) and the trajectory information obtained by directly inputting from the terminal or the one which made the authentication request. This section is for comparison and collation. (2
3) is an authentication information input unit, which includes a connector, a keyboard, a panel switch, and the like, and is used to input input terminal information as an electric signal and directly input by a person who requests authentication. Depending on the procedure, it also has a function of displaying and outputting a question for authentication. (24)
Is a determination unit, which makes the determination based on the result of the collation, and based on the range of the match set in advance in a state corresponding to the terminal, whether the trajectory information is information of a valid terminal, This is for determining and displaying whether or not it is not. For example, in the case of a GPS, this indicates an allowable range of data for considering error information added for the purpose of the facility. This feature is small on devices,
This is effective when the terminal itself does not perform error processing. Reference numeral (25) denotes a connection portion, which indicates a connector portion provided for inputting trajectory data output from the transmission portion (16) of the terminal (01) to the authentication information input portion (23). (26) is an output unit that outputs the authentication result to the other party. The form of the output unit (26) is appropriately changed according to the information to be transmitted. Output unit (2
6) is connected to a place where it is necessary to know whether the authentication is correct or not, and is output.

Next, the operation will be described. The registration terminal (01) of the trajectory data at the center and the person who possesses the terminal arbitrarily set the position information detection timing for obtaining the trajectory information.
In some cases, the center (02) sets the position information detection timing independently and causes the terminal (01) to record the timing. In some cases, the center (02) inquires of the terminal (01) about the position information every time it needs to know the position information. The terminal (01) moves in conjunction with the person carrying the terminal, and receives a position information output signal output from the position information output device (10) at a predetermined timing via the antenna (11). The received signal is input to the position information detection unit (13) via the demodulation unit (12), and at the timing of obtaining the trajectory information, the first position data is calculated from the information as shown in FIG. S1 (x1, y1, z1, t1). x
1, y1 indicates plane coordinates, z1 indicates altitude coordinates, t1
Indicates time. This data is recorded temporarily. At the next timing, based on the input position information output signal, the position information detection unit (13) detects the position information S2 (x2, y
2, z2, t2) is detected. The position data is calculated at a plurality of timings, and the position data is combined to generate the locus data S.
After creating 1, S2, S3, S4, S5, S6, the recording unit (1
Record in 5). If the position data is calculated and recorded in the recording unit (15) as needed, the trajectory data can be formed as shown in FIG. 3 (b). Therefore, the trajectory information creation unit (14) and the recording unit (15) ) May be integrated. After the trajectory data necessary for the authentication is prepared, the data is read from the recording unit (15) for transmission to the center (02), modulated by the transmission unit (16), and output via the antenna (17). The center (02) is an antenna (19)
Demodulated by the demodulation unit (20).
The registration unit (21) registers the terminal (01) or data such as an ID code unique to the person who owns the terminal (01).

[0008] An example of the operation of the personal authentication terminal (01) and the person carrying the personal authentication terminal (01) will be described. 1 Since the track information is already registered in the center (02), the terminal (01) and the center (02) are not connected,
A request to that effect is sent to the center (02). (2) The center (02) directly or indirectly outputs a request to input the trajectory information to the authenticating person. This displays a map on a screen such as a CRT display with a touch sensor that operates when touched with a finger. This map is created based on trajectory information registered in advance.・ 3 The authentication person inputs the trajectory information in response to the request of the center (02). Specify the map on the screen by touching it with your finger. (4) The center (02) compares and compares the trajectory data designated by the authenticating person with the trajectory data registered in the registration unit (21) by the collating unit (22), and makes the judgment by the judgment unit (24). The result is output to the output unit (26) for authentication. According to this authentication operation, it is not necessary to always own the terminal and the convenience is high.

Another example of the authentication operation will be described. 1 The terminal (01) and the center (02) are connected via the connection unit (25). The center (02) reads the locus data recorded when first registered via the display input unit (23) from the recording unit (15) of the terminal (01). * 2 Further, the data is read from the registration unit (21) together with the identification data of the terminal (01) and the person who owns the terminal (01), and the data is compared and collated by the collation unit (22). (3) When the difference is found in the compared data, the determination unit (24) determines whether or not the difference is within the range of coincidence, determines whether authentication is correct or not, and outputs the result to the output unit (26). You. According to this authentication operation, an authorized person must have the terminal at the time of authentication, but the authentication procedure is automatically performed, so that no burden is imposed on the authenticated person.

[0010] Still another authentication operation will be described.・ 1 The person who is going to be authenticated notifies the center (02) to that effect by telephone or the like.・ 2 The authenticating person moves again to reproduce the registered trajectory.・ 3 The terminal (01) records the trajectory during the movement in the recording unit (1).
5) is recorded in the same manner as in the above-described operation.
2) and outputs the locus data recorded via the connection unit (25). Alternatively, the information is provided for each position forming the trajectory,
The data is sequentially transmitted to the center (02). 4 The center (02) compares the sent trajectory information of the terminal (01) with the trajectory information of the registered terminal,
Outputs the authentication result. According to the above authentication operation example,
The terminal does not need to always accumulate important authentication trajectory data, and the burden on the terminal can be reduced.

The position of each position data is, for example, GPS
In this case, it is necessary to consider the occurrence of a certain degree of error. However, in the case of a locus of a plurality of positions, it is not necessary to accurately detect each position, and it is sufficient that at least the movement patterns match. The registration of the trajectory information in the center (02) is such that the terminal is registered in the center and is maintained in a fixed state until updated, but this update obtains one trajectory information. It may be performed at any time as needed. By the way, between the terminal and the center via a wireless medium,
The connection is made with a certain frequency. At this time, it is preferable to encrypt the data to be transmitted, since there is a possibility that the locus data to be transmitted may be leaked due to the unauthorized intervention of a third party. It is. As for the encryption method, if the KPS method has a secret algorithm that calculates an encryption key that can be executed by a general-purpose effective means such as a normal microcomputer, a shared key can always be generated with multiple parties using only public information. Preferred for the invention. That is, the distance between the terminal and the center is not always the same distance, and in the case of a remote place, there is a limit to the transmission means. Therefore, authentication may be performed with a small center from which the center branches. In a common shared key system, a plurality of encryption keys must be owned and registered every time a center is added. K must be
The PS method is very convenient for the user because it does not need any internal procedures while having an algorithm of a certain size. KPS configuration,
For the operation, JP-A-63-36634 is preferably referred to. As the encryption algorithm, DES (Data Encryption St
andard), FEAL encryption (Shimizu, Miyaguchi, Ota: "High-speed data encryption algorithm FEAL", IEICE technical report, (Information theory), VOL.80, No.113, IT86-33, PP.1-6, ( 1986
Although a processing device based on an algorithm such as year)) is exemplified, the present invention is not limited to this.

Next, another embodiment of the present invention will be described with reference to FIG. (201) is a position information output unit, which is the above-mentioned GPS artificial satellite, beacon or the like. (20
Reference numeral 0) denotes a terminal such as a carrier for recording the trajectory information, such as a driver's license in the form of an IC card, a passport, a pendant, a broach, and a wristwatch. (202) is an antenna, (203) is a demodulation unit, and (204) is
The position detector is the same as that shown in FIG. 1 and its description is omitted. (205) a trajectory information recording unit for creating and recording trajectory data from a plurality of position data, and further calculating and outputting computable terminal speed data from the trajectory data; is there. (2
06) a speed detecting unit for calculating a speed from the position information and outputting control information based on the data, and further calculating a speed information obtained from the trajectory information recording unit (205); It may be a part for issuing a control command for supplying appropriate power to each component based on the information. (2
07) is an input / output unit, for electrical connection, other radio waves,
The connection is made by a wireless medium such as infrared rays, and is a part for exchanging information with the outside. (208)
Is a switching means, which stops the operation of each part of the terminal,
This is a part for starting, and performs an on / off operation manually or automatically. In the case of automatic, for example, when entering a very limited space such as a car, the terminal judges itself using ultrasonic waves or the like, or starts operation based on signals generated in the space , The one that operates by the external operation radio wave is shown. If the terminal is small,
The above-described automatic switch is preferable because it is preferable that the power is consumed only when necessary. However, it is more preferable that the automatic switch has an operation of performing a minimum operation below a certain speed.

Next, the operation will be described. A person who has a terminal (200) as a driver's license drives himself or herself in a car or the like. The switching means (208) starts the operation of the terminal (200) due to the above-mentioned matter. When the position information has a speed equal to or higher than a certain speed, the speed detection unit (206) outputs a command to record the trajectory data to the trajectory information recording unit (206). The trajectory information recording unit (206) keeps recording the data as long as the recording command is issued, and when the memory becomes full, sequentially deletes old data and adds new data. At a certain speed or lower, the speed detector (206) outputs a command to stop recording. In this way, in order to record the trajectory information at a speed higher than a certain speed,
If the person who monitors the driving condition wants to monitor it, the data can be extracted from the input / output unit (207) to prevent illegal driving without hiding the fact that there is a speeding violation or the like. It is.

[0014]

As described above, according to the present invention, the terminal or the person wearing the terminal can easily perform the authentication operation without having to memorize the password by using the action trajectory as its own authentication data. Because it is easy to change, the accuracy of authentication is improved, and accurate trajectory data of the person can be obtained together with time information, so that illegal driving actions such as speeding up can be recorded, and proper driving is promoted. Is possible.

[Brief description of the drawings]

FIG. 1 is a diagram showing one embodiment of the present invention.

FIG. 2 is a diagram showing another embodiment of the present invention.

FIG. 3 is a diagram for explaining the operation of the present invention.

[Explanation of symbols]

 01 terminal 02 center 10 position information output device

Claims (5)

[Claims] 1. A detecting means for detecting position information of a person, a trajectory information creating means for obtaining trajectory information of the detected position information, and when necessary, based on trajectory information read from the trajectory information creating means. Authentication system that authenticates the user. A detecting means for detecting the position information of the user a predetermined number of times; a transmitting means for transmitting the detected trajectory information to an information management center; a recording means for recording the position information as trajectory information; A center-side recording means for recording the trajectory information obtained by comparing the trajectory information recorded by the recording means with the trajectory information recorded by the center-side recording means at the time of authentication. Authentication system. 3. The moving object monitoring device according to claim 1, wherein said locus information is latest or specific locus information, and reads said position information from said recording means when necessary to authenticate the moving object and monitor the speed of the moving object. system. 4. The personal authentication system according to claim 1, wherein the position information is set based on a GPS (Global Positioning System). 5. The personal authentication system according to claim 1, wherein said detection means, recording means, and transmission means are formed so as to be carried or worn.